1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd August 29, 2014 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Va apm_enable 141.Pq Vt bool 142If set to 143.Dq Li YES , 144enable support for Automatic Power Management with the 145.Xr apm 8 146command. 147.It Va apmd_enable 148.Pq Vt bool 149Run 150.Xr apmd 8 151to handle APM event from userland. 152This also enables support for APM. 153.It Va apmd_flags 154.Pq Vt str 155If 156.Va apmd_enable 157is set to 158.Dq Li YES , 159these are the flags to pass to the 160.Xr apmd 8 161daemon. 162.It Va battd_enable 163Enable 164.Xr battd 8 165to monitor the status of batteries present in the system. 166This also enables support for APM. 167.It Va battd_flags 168.Pq Vt str 169If 170.Va battd_enable 171is set to 172.Dq Li YES , 173these are the flags to pass to the 174.Xr battd 8 175daemon. 176.It Va devd_enable 177.Pq Vt bool 178Run 179.Xr devd 8 180to handle device added, removed or unknown events from the kernel. 181.It Va devd_flags 182.Pq Vt str 183If 184.Va devd_enable 185is set to 186.Dq Li YES , 187these are the flags to pass to the 188.Xr devd 8 189daemon. 190.It Va powerd_enable 191.Pq Vt bool 192Set to 193.Dq Li NO 194by default. 195Setting this to 196.Dq Li YES 197enables 198.Xr powerd 8 , 199a CPU speed control daemon. 200.It Va sensorsd_enable 201.Pq Vt bool 202Set to 203.Dq Li NO 204by default. 205Setting this to 206.Dq Li YES 207enables 208.Xr sensorsd 8 , 209a sensors monitoring and logging daemon. 210.It Va sensorsd_flags 211.Pq Vt str 212Empty by default. 213Additional flags passed to the 214.Xr sensorsd 8 215program. 216.It Va sysvipcd_enable 217.Pq Vt bool 218Set to 219.Dq Li NO 220by default. 221Setting this to 222.Dq Li YES 223enables 224.Xr sysvipcd 8 , 225a sensors monitoring and logging daemon. 226.It Va sysvipcd_flags 227.Pq Vt str 228Empty by default. 229Additional flags passed to the 230.Xr sysvipcd 8 231program. 232.It Va hotplugd_enable 233.Pq Vt bool 234Set to 235.Dq Li NO 236by default. 237Setting this to 238.Dq Li YES 239enables 240.Xr hotplugd 8 , 241a devices hot plugging monitoring daemon. 242.It Va hotplugd_flags 243.Pq Vt str 244Empty by default. 245Additional flags passed to the 246.Xr hotplugd 8 247program. 248.It Va pccard_ifconfig 249.Pq Vt str 250List of arguments to be passed to 251.Xr ifconfig 8 252at boot time or on insertion of the card (e.g.\& 253.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 254for a fixed address or 255.Dq Li DHCP 256for a DHCP client). 257.It Va pccard_ether_delay 258.Pq Vt str 259Set the delay before starting 260.Xr dhclient 8 261in the 262.Pa /etc/pccard_ether 263script. 264This defaults to 5 seconds to work around a bug in the 265.Xr ed 4 266driver which can lead to system hangs when using some newer 267.Xr ed 4 268based cards. 269.It Va removable_interfaces 270.Pq Vt str 271List of removable network interfaces to be supported by 272.Pa /etc/pccard_ether . 273.It Va local_startup 274.Pq Vt str 275List of directories to search for startup script files. 276.It Va script_name_sep 277.Pq Vt str 278The field separator to use for breaking down the list of startup script files 279into individual filenames. 280The default is a space. 281It is not necessary to change this unless there are startup scripts with names 282containing spaces. 283.It Va hostapd_enable 284.Pq Vt bool 285Set to 286.Dq Li YES 287to start 288.Xr hostapd 8 289at system boot time. 290.It Va hostname 291.Pq Vt str 292The fully qualified domain name (FQDN) of this host on the network. 293This should almost certainly be set to something meaningful, even if 294there is no network connection. 295If 296.Xr dhclient 8 297is used to set the hostname via DHCP, 298this variable should be set to an empty string. 299.It Va ipv6_enable 300.Pq Vt bool 301Enable support for IPv6 networking. 302Note that this requires that the kernel have been compiled with 303.Cd "options INET6" . 304.It Va nisdomainname 305.Pq Vt str 306The NIS domain name of this host, or 307.Dq Li NO 308if NIS is not used. 309.It Va dhclient_program 310.Pq Vt str 311Path to the DHCP client program 312(default 313.Pa /sbin/dhclient ) . 314.It Va dhclient_flags 315.Pq Vt str 316Additional flags to pass to the DHCP client program. 317.It Va pf_enable 318.Pq Vt bool 319Set to 320.Dq Li YES 321to load 322.Xr pf 4 323at startup. 324If the kernel was not built with 325.Cd "device pf" , 326the 327.Pa pf.ko 328kernel module will be loaded. 329See also 330.Va firewall_enable . 331.It Va pf_rules 332.Pq Vt str 333Path to the 334.Xr pf 4 335ruleset definition file. 336.It Va pf_program 337.Pq Vt str 338Path to 339.Xr pfctl 8 . 340.It Va pf_flags 341.Pq Vt str 342If 343.Va pf_enable 344is set to 345.Dq Li YES , 346these are the flags to pass to 347.Xr pfctl 8 348when loading the ruleset. 349.It Va pflog_enable 350.Pq Vt bool 351Set this to 352.Dq Li YES 353to enable 354.Xr pflogd 8 355which logs packets from 356.Xr pf 4 . 357.It Va pflog_logfile 358.Pq Vt str 359If 360.Va pflog_enable 361is set to 362.Dq Li YES 363this specifies the path of the log file. 364.It Va pflog_program 365.Pq Vt str 366Path to 367.Xr pflogd 8 . 368.It Va pflog_flags 369.Pq Vt str 370If 371.Va pflog_enable 372is set to 373.Dq Li YES , 374these are the flags to pass to 375.Xr pflogd 8 . 376.It Va firewall_enable 377.Pq Vt bool 378Set to 379.Dq Li YES 380to load firewall rules at startup. 381If the kernel was not built with 382.Cd "options IPFIREWALL" , 383the 384.Pa ipfw.ko 385kernel module will be loaded. 386See also 387.Va pf_enable . 388.It Va ipv6_firewall_enable 389.Pq Vt bool 390The IPv6 equivalent of 391.Va firewall_enable . 392Set to 393.Dq Li YES 394to load IPv6 firewall rules at startup. 395If the kernel was not built with 396.Cd "options IPV6FIREWALL" , 397the 398.Pa ip6fw.ko 399kernel module will be loaded. 400.It Va firewall_script 401.Pq Vt str 402The full path to the firewall script to run 403(default 404.Pa /etc/rc.firewall ) . 405.It Va ipv6_firewall_script 406.Pq Vt str 407The IPv6 equivalent of 408.Va firewall_script . 409.It Va firewall_type 410.Pq Vt str 411Names the firewall type from the selection in 412.Pa /etc/rc.firewall , 413or the file which contains the local firewall ruleset. 414Valid selections from 415.Pa /etc/rc.firewall 416are: 417.Pp 418.Bl -tag -width ".Li simple" -compact 419.It Li open 420unrestricted IP access 421.It Li closed 422all IP services disabled, except via 423.Dq Li lo0 424.It Li client 425basic protection for a workstation on a LAN 426.It Li simple 427alias for 428.Li client . 429.El 430.Pp 431If a filename is specified, the full path must be given. 432.It Va firewall_trusted_nets 433.Pq Vt str 434List of trusted networks (if 435.Va firewall_type 436is set to 437.Li client ) . 438.It Va firewall_trusted_interfaces 439.Pq Vt str 440List of trusted network interfaces (if 441.Va firewall_type 442is set to 443.Li client ) . 444.It Va firewall_allowed_icmp_types 445.Pq Vt str 446List of allowed ICMP types (if 447.Va firewall_type 448is set to 449.Li client ) . 450.It Va firewall_open_tcp_ports 451.Pq Vt str 452List of TCP ports to open (if 453.Va firewall_type 454is set to 455.Li client ) . 456.It Va firewall_open_udp_ports 457.Pq Vt str 458List of UDP ports to open (if 459.Va firewall_type 460is set to 461.Li client ) . 462.It Va ipv6_firewall_type 463.Pq Vt str 464The IPv6 equivalent of 465.Va firewall_type . 466.It Va firewall_quiet 467.Pq Vt bool 468Set to 469.Dq Li YES 470to disable the display of firewall rules on the console during boot. 471.It Va ipv6_firewall_quiet 472.Pq Vt bool 473The IPv6 equivalent of 474.Va firewall_quiet . 475.It Va firewall_logging 476.Pq Vt bool 477Set to 478.Dq Li YES 479to enable firewall event logging. 480This is equivalent to the 481.Dv IPFIREWALL_VERBOSE 482kernel option. 483.It Va ipv6_firewall_logging 484.Pq Vt bool 485The IPv6 equivalent of 486.Va firewall_logging . 487.It Va firewall_flags 488.Pq Vt str 489Flags passed to 490.Xr ipfw 8 491if 492.Va firewall_type 493specifies a filename. 494.It Va ipv6_firewall_flags 495.Pq Vt str 496The IPv6 equivalent of 497.Va firewall_flags . 498.It Va natd_program 499.Pq Vt str 500Path to 501.Xr natd 8 . 502.It Va natd_enable 503.Pq Vt bool 504Set to 505.Dq Li YES 506to enable 507.Xr natd 8 . 508.Va firewall_enable 509must also be set to 510.Dq Li YES , 511and 512.Xr divert 4 513sockets must be enabled in the kernel. 514.It Va natd_interface 515.Pq Vt str 516This is the name of the public interface on which 517.Xr natd 8 518should run. 519The interface may be given as an interface name or as an IP address. 520.It Va natd_flags 521.Pq Vt str 522Additional 523.Xr natd 8 524flags should be placed here. 525The 526.Fl n 527or 528.Fl a 529flag is automatically added with the above 530.Va natd_interface 531as an argument. 532.It Va tcp_extensions 533.Pq Vt bool 534Set to 535.Dq Li YES 536by default. 537Setting this to 538.Dq Li NO 539disables certain TCP options as described by 540.Rs 541.%T "RFC 1323" 542.Re 543Setting this to 544.Dq Li NO 545might help remedy such problems with connections as randomly hanging 546or other weird behavior. 547Some network devices are known to be broken with respect to these options. 548.It Va log_in_vain 549.Pq Vt int 550Set to 0 by default. 551The 552.Xr sysctl 8 553variables, 554.Va net.inet.tcp.log_in_vain 555and 556.Va net.inet.udp.log_in_vain , 557as described in 558.Xr tcp 4 559and 560.Xr udp 4 , 561are set to the given value. 562.It Va tcp_keepalive 563.Pq Vt bool 564Set to 565.Dq Li YES 566by default. 567Setting to 568.Dq Li NO 569will disable probing idle TCP connections to verify that the 570peer is still up and reachable. 571.It Va tcp_drop_synfin 572.Pq Vt bool 573Set to 574.Dq Li NO 575by default. 576Setting to 577.Dq Li YES 578will cause the kernel to ignore TCP frames that have both 579the SYN and FIN flags set. 580This prevents OS fingerprinting, but may break some legitimate applications. 581This option is only available if the kernel was built with the 582.Dv TCP_DROP_SYNFIN 583option. 584.It Va icmp_drop_redirect 585.Pq Vt bool 586Set to 587.Dq Li NO 588by default. 589Setting to 590.Dq Li YES 591will cause the kernel to ignore ICMP REDIRECT packets. 592Refer to 593.Xr icmp 4 594for more information. 595.It Va icmp_log_redirect 596.Pq Vt bool 597Set to 598.Dq Li NO 599by default. 600Setting to 601.Dq Li YES 602will cause the kernel to log ICMP REDIRECT packets. 603Note that 604the log messages are not rate-limited, so this option should only be used 605for troubleshooting networks. 606Refer to 607.Xr icmp 4 608for more information. 609.It Va icmp_bmcastecho 610.Pq Vt bool 611Set to 612.Dq Li YES 613to respond to broadcast or multicast ICMP ping packets. 614Refer to 615.Xr icmp 4 616for more information. 617.It Va ip_portrange_first 618.Pq Vt int 619If not set to 620.Dq Li NO , 621this is the first port in the default portrange. 622Refer to 623.Xr ip 4 624for more information. 625.It Va ip_portrange_last 626.Pq Vt int 627If not set to 628.Dq Li NO , 629this is the last port in the default portrange. 630Refer to 631.Xr ip 4 632for more information. 633.\" 634.It Va ifconfig_ Ns Aq Ar interface 635.Pq Vt str 636Configuration for 637.Dq interface . 638Typically includes IP address. 639Assuming that the interface in question was 640.Li ed0 , 641it might look something like this: 642.Bd -literal 643ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 644.Ed 645.Pp 646If the 647.Pa /etc/start_if. Ns Aq Ar interface 648file is present, it is read and executed by the 649.Xr sh 1 650interpreter before configuring the interface as specified in the 651.Va ifconfig_ Ns Aq Ar interface 652and 653.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 654variables. 655.Pp 656It is possible to bring up an interface with DHCP by adding 657.Dq Li DHCP 658to the 659.Va ifconfig_ Ns Aq Ar interface 660variable. 661For instance, to initialize the 662.Li ed0 663device via DHCP, it is possible to use something like: 664.Bd -literal 665ifconfig_ed0="DHCP" 666.Ed 667.Pp 668If a 669.Va vlans_ Ns Aq Ar interface 670variable is set, 671a 672.Xr vlan 4 673interface will be created for each item in the list with the 674.Ar vlandev 675argument set to 676.Ar interface . 677If a vlan interface's name is a number, 678then that number is used as the vlan tag and the new vlan interface is 679named 680.Ar interface . Ns Ar tag . 681Otherwise, 682the vlan tag must be specified via a 683.Va vlan 684parameter in the 685.Va create_args_ Ns Aq Ar interface 686variable. 687.Pp 688To create a vlan device named 689.Li em0.101 690on 691.Li em0 692with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 693.Bd -literal 694vlans_em0="101" 695ifconfig_em0_101="inet 192.0.2.1/24" 696.Ed 697.Pp 698To create a vlan device named 699.Li myvlan 700on 701.Li em0 702with the vlan tag 102: 703.Bd -literal 704vlans_em0="myvlan" 705create_args_myvlan="vlan 102" 706.Ed 707.Pp 708If a 709.Va wlans_ Ns Aq Ar interface 710variable is set, 711an 712.Xr wlan 4 713interface will be created for each item in the list with the 714.Ar wlandev 715argument set to 716.Ar interface . 717Further wlan cloning arguments may be passed to the 718.Xr ifconfig 8 719.Cm create 720command by setting the 721.Va create_args_ Ns Aq Ar interface 722variable. 723One or more 724.Xr wlan 4 725devices must be created for each wireless devices as of 726.Dx 2.5 . 727Debugging flags for 728.Xr wlan 4 729devices as set by 730.Xr wlandebug 8 731may be specified with an 732.Va wlandebug_ Ns Aq Ar interface 733variable. 734The contents of this variable will be passed directly to 735.Xr wlandebug 8 . 736.Pp 737Also, if your interface needs WPA authentication, it is possible to add 738.Dq Li WPA 739to the 740.Va ifconfig_ Ns Aq Ar interface 741variable. 742This will start 743.Xr wpa_supplicant 8 . 744See 745.Xr wpa_supplicant.conf 5 746for configuring authentication information. 747.Pp 748Finally, you can add 749.Xr ifconfig 8 750options in this variable, in addition to the 751.Pa /etc/start_if. Ns Aq Ar interface 752file. 753For instance, to initialize the 754.Li wi0 755device via DHCP, using WPA authentication and 802.11b mode, it is 756possible to use something like: 757.Bd -literal 758wlans_wi0="wlan0" 759ifconfig_wlan0="up DHCP WPA mode 11b" 760.Ed 761.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 762.Pq Vt str 763Configuration to establish an additional network address for 764.Dq interface . 765Assuming that the interface in question was 766.Li ed0 , 767it might look something like this: 768.Bd -literal 769ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 770ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 771.Ed 772.Pp 773And so on. 774For each 775.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 776entry that is found, its contents are passed to 777.Xr ifconfig 8 . 778Execution stops at the first unsuccessful access, so if 779something like this is present: 780.Bd -literal 781ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 782ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 783ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 784ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 785.Ed 786.Pp 787Then note that alias4 would 788.Em not 789be added since the search would stop with the missing alias3 entry. 790.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 791.Pq Vt str 792New name for 793.Dq interface . 794It is possible to rename interface by doing: 795.Bd -literal 796ifconfig_ed0_name="net0" 797ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 798.Ed 799.It Va network_interfaces 800.Pq Vt str 801The list of network interfaces to configure on this host, 802or 803.Dq Li auto 804to configure all network interfaces 805(default 806.Dq Li auto ) . 807For example, if the only network devices to be configured are the loopback device 808.Pq Li lo0 809and a NIC using the 810.Xr ed 4 811driver, this could be set to 812.Dq Li "lo0 ed0" . 813An 814.Va ifconfig_ Ns Aq Ar interface 815variable is assumed to exist for each value of 816.Ar interface . 817.It Va ipv6_network_interfaces 818.Pq Vt str 819This is the IPv6 equivalent of 820.Va network_interfaces . 821Instead of setting the ifconfig variables as 822.Va ifconfig_ Ns Aq Ar interface 823they should be set as 824.Va ipv6_ifconfig_ Ns Aq Ar interface . 825Aliases should be set as 826.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 827Interfaces that do not have a 828.Va ipv6_ifconfig_ Ns Aq Ar interface 829setting will be auto configured by 830.Xr rtsol 8 831if the 832.Va ipv6_gateway_enable 833is set to 834.Dq Li NO . 835Note that the IPv6 networking code does not support the 836.Pa /etc/start_if. Ns Aq Ar interface 837files. 838.It Va ipv6_prefix_ Ns Aq Ar interface 839.Pq Vt str 840Assign prefix to 841.Ar interface , 842prefixlen 64 is used. 843.It Va ipv6_default_interface 844.Pq Vt str 845If not set to 846.Dq Li NO , 847this is the default output interface for scoped addresses. 848Now this works only for IPv6 link local multicast addresses. 849.It Va cloned_interfaces 850.Pq Vt str 851Set to the list of clonable network interfaces to create on this host. 852Entries in 853.Va cloned_interfaces 854are automatically appended to 855.Va network_interfaces 856for configuration. 857.It Va gif_interfaces 858.Pq Vt str 859Set to the list of 860.Xr gif 4 861tunnel interfaces to configure on this host. 862A 863.Va gifconfig_ Ns Aq Ar interface 864variable is assumed to exist for each value of 865.Ar interface . 866The value of this variable is used to configure the link layer of the 867tunnel according to the syntax of the 868.Cm tunnel 869option to 870.Xr ifconfig 8 . 871Additionally, this option ensures that each listed interface is created via the 872.Cm create 873option to 874.Xr ifconfig 8 875before attempting to configure it. 876.It Va sppp_interfaces 877.Pq Vt str 878Set to the list of 879.Xr sppp 4 880interfaces to configure on this host. 881A 882.Va spppconfig_ Ns Aq Ar interface 883variable is assumed to exist for each value of 884.Ar interface . 885Each interface should also be configured by a general 886.Va ifconfig_ Ns Aq Ar interface 887setting. 888Refer to 889.Xr spppcontrol 8 890for more information about available options. 891.It Va ppp_enable 892.Pq Vt bool 893If set to 894.Dq Li YES , 895run the 896.Xr ppp 8 897daemon. 898.It Va ppp_mode 899.Pq Vt str 900Mode in which to run the 901.Xr ppp 8 902daemon. 903Accepted modes are 904.Dq Li auto , 905.Dq Li ddial , 906.Dq Li direct 907and 908.Dq Li dedicated . 909See the manual for a full description. 910.It Va ppp_nat 911.Pq Vt bool 912If set to 913.Dq Li YES , 914enables network address translation. 915Used in conjunction with 916.Va gateway_enable 917allows hosts on private network addresses access to the Internet using 918this host as a network address translating router. 919.It Va ppp_profile 920.Pq Vt str 921The name of the profile to use from 922.Pa /etc/ppp/ppp.conf . 923Also used for per-profile overrides of 924.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 925Where the profile contains any of the characters 926.Dq Li .-/+ 927they are translated to 928.Dq Li _ 929for the purposes of the override variable names. 930.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 931.Pq Vt int 932Set the unit number to be used for this profile. 933See the manual description of 934.Fl unit Ns Ar N 935in 936.Xr ppp 8 937for details. 938.It Va ppp_user 939.Pq Vt str 940The name of the user under which 941.Xr ppp 8 942should be started. 943By default, 944.Xr ppp 8 945is started as 946.Dq Li root . 947.It Va rc_conf_files 948.Pq Vt str 949This option is used to specify a list of files that will override 950the settings in 951.Pa /etc/defaults/rc.conf . 952The files will be read in the order in which they are specified and should 953include the full path to the file. 954By default, the files specified are 955.Pa /etc/rc.conf 956and 957.Pa /etc/rc.conf.local 958.It Va fsck_y_enable 959.Pq Vt bool 960If set to 961.Dq Li YES , 962.Xr fsck 8 963will be run with the 964.Fl y 965flag if the initial preen of the file systems fails. 966.It Va netfs_types 967.Pq Vt str 968List of file system types that are network-based. 969This list should generally not be modified by end users. 970Use 971.Va extra_netfs_types 972instead. 973.It Va extra_netfs_types 974.Pq Vt str 975If set to something other than 976.Dq Li NO 977(the default), this variable extends the list of file system types 978for which automatic mounting at startup by 979.Xr rc 8 980should be delayed until the network is initialized. 981It should contain 982a whitespace-separated list of network file system descriptor pairs, 983each consisting of a file system type as passed to 984.Xr mount 8 985and a human-readable, one-word description, joined with a colon 986.Pq Ql \&: . 987Extending the default list in this way is only necessary 988when third party file system types are used. 989.It Va devfs_config_files 990.Pq Vt str 991This option is used to specify a list of configuration files containing 992.Xr devfs 5 993rules that will be applied by 994.Xr devfsctl 8 995in the order in which they are specified and must include the full path 996to the file. 997.It Va syslogd_enable 998.Pq Vt bool 999If set to 1000.Dq Li YES , 1001run the 1002.Xr syslogd 8 1003daemon. 1004.It Va syslogd_program 1005.Pq Vt str 1006Path to 1007.Xr syslogd 8 1008(default 1009.Pa /usr/sbin/syslogd ) . 1010.It Va syslogd_flags 1011.Pq Vt str 1012If 1013.Va syslogd_enable 1014is set to 1015.Dq Li YES , 1016these are the flags to pass to 1017.Xr syslogd 8 . 1018.It Va inetd_enable 1019.Pq Vt bool 1020If set to 1021.Dq Li YES , 1022run the 1023.Xr inetd 8 1024daemon. 1025.It Va inetd_program 1026.Pq Vt str 1027Path to 1028.Xr inetd 8 1029(default 1030.Pa /usr/sbin/inetd ) . 1031.It Va inetd_flags 1032.Pq Vt str 1033If 1034.Va inetd_enable 1035is set to 1036.Dq Li YES , 1037these are the flags to pass to 1038.Xr inetd 8 . 1039.It Va rwhod_enable 1040.Pq Vt bool 1041If set to 1042.Dq Li YES , 1043run the 1044.Xr rwhod 8 1045daemon at boot time. 1046.It Va rwhod_flags 1047.Pq Vt str 1048If 1049.Va rwhod_enable 1050is set to 1051.Dq Li YES , 1052these are the flags to pass to it. 1053.It Va amd_enable 1054.Pq Vt bool 1055If set to 1056.Dq Li YES , 1057run the 1058.Xr amd 8 1059daemon at boot time. 1060.It Va amd_flags 1061.Pq Vt str 1062If 1063.Va amd_enable 1064is set to 1065.Dq Li YES , 1066these are the flags to pass to it. 1067See the 1068.Xr amd 8 1069manpage for more information. 1070.It Va amd_map_program 1071.Pq Vt str 1072If set, the specified program is run to get the list of 1073.Xr amd 8 1074maps. 1075For example, if the 1076.Xr amd 8 1077maps are stored in NIS, one can set this to run 1078.Xr ypcat 1 1079to get a list of 1080.Xr amd 8 1081maps from the 1082.Pa amd.master 1083NIS map. 1084.It Va update_motd 1085.Pq Vt bool 1086If set to 1087.Dq Li YES , 1088.Pa /etc/motd 1089will be updated at boot time to reflect the kernel release being run. 1090If set to 1091.Dq Li NO , 1092.Pa /etc/motd 1093will not be updated. 1094.It Va nfs_client_enable 1095.Pq Vt bool 1096If set to 1097.Dq Li YES , 1098setup NFS client parameters at boot time. 1099.It Va nfs_access_cache 1100.Pq Vt int 1101If 1102.Va nfs_client_enable 1103is set to 1104.Dq Li YES , 1105this can be set to 1106.Dq Li 0 1107to disable NFS ACCESS RPC caching, or to the number of seconds for which 1108NFS ACCESS results should be cached. 1109A value of 2-10 seconds will substantially reduce network traffic for 1110many NFS operations. 1111The default is 5 seconds. 1112Note that the attribute cache holds stat information only. 1113The NFS data cache is independent of the attribute cache and is only 1114invalidated when the client detects that the server has modified the 1115underlying file. 1116This value specifies a maximum timeout. 1117The NFS client will automatically use a shorter timeout for files which 1118have been recently modified. 1119.It Va nfs_neg_cache 1120.Pq Vt int 1121If 1122.Va nfs_client_enable 1123is set to 1124.Dq Li YES , 1125this can be set to 1126.Dq Li 0 1127to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1128filenames), or to the number of seconds for which negative lookups should 1129be cached. 1130A value of 2-10 seconds will substantially reduce network 1131traffic for many NFS operations, especially source code builds. 1132The default is 3 seconds. 1133.It Va nfs_server_enable 1134.Pq Vt bool 1135If set to 1136.Dq Li YES , 1137run the NFS server daemons at boot time. 1138.It Va nfs_server_flags 1139.Pq Vt str 1140If 1141.Va nfs_server_enable 1142is set to 1143.Dq Li YES , 1144these are the flags to pass to the 1145.Xr nfsd 8 1146daemon. 1147.It Va mountd_enable 1148.Pq Vt bool 1149If set to 1150.Dq Li YES , 1151and no 1152.Va nfs_server_enable 1153is set, start 1154.Xr mountd 8 , 1155but not 1156.Xr nfsd 8 1157daemon. 1158It is commonly needed to run CFS without real NFS used. 1159.It Va mountd_flags 1160.Pq Vt str 1161If 1162.Va mountd_enable 1163is set to 1164.Dq Li YES , 1165these are the flags to pass to the 1166.Xr mountd 8 1167daemon. 1168.It Va weak_mountd_authentication 1169.Pq Vt bool 1170If set to 1171.Dq Li YES , 1172allow services like PCNFSD to make non-privileged mount requests. 1173.It Va nfs_reserved_port_only 1174.Pq Vt bool 1175If set to 1176.Dq Li YES , 1177provide NFS services only on a secure port. 1178.It Va nfs_bufpackets 1179.Pq Vt int 1180If set to a number, indicates the number of packets worth of 1181socket buffer space to reserve on an NFS client. 1182The kernel default is typically 4. 1183Using a higher number may be useful on gigabit networks to improve performance. 1184The minimum value is 2 and the maximum is 64. 1185.It Va rpc_umntall_enable 1186.Pq Vt bool 1187If set to 1188.Dq Li YES 1189(default) and we are also an NFS client, run 1190.Xr rpc.umntall 8 1191at boot time to clear out old mounts on remote servers. 1192If set to 1193.Dq Li NO 1194then 1195.Xr rpc.umntall 8 1196will not be run at boot time. 1197.It Va rpc_lockd_enable 1198.Pq Vt bool 1199If set to 1200.Dq Li YES 1201and also an NFS server, run 1202.Xr rpc.lockd 8 1203at boot time. 1204.It Va rpc_lockd_flags 1205.Pq Vt str 1206If 1207.Va rpc_lockd_enable 1208is set to 1209.Dq Li YES , 1210these are the flags to pass to 1211.Xr rpc.lockd 8 . 1212.It Va rpc_statd_enable 1213.Pq Vt bool 1214If set to 1215.Dq Li YES 1216and also an NFS server, run 1217.Xr rpc.statd 8 1218at boot time. 1219.It Va rpc_statd_flags 1220.Pq Vt str 1221If 1222.Va rpc_statd_enable 1223is set to 1224.Dq Li YES , 1225these are the flags to pass to 1226.Xr rpc.statd 8 . 1227.It Va rpcbind_program 1228.Pq Vt str 1229Path to program for rpcbind daemon 1230(default 1231.Pa /usr/sbin/rpcbind ) . 1232.It Va rpcbind_enable 1233.Pq Vt bool 1234If set to 1235.Dq Li YES , 1236run 1237.Va rpcbind_program 1238at boot time. 1239.It Va rpcbind_flags 1240.Pq Vt str 1241If 1242.Va rpcbind_enable 1243is set to 1244.Dq Li YES , 1245these are the flags to pass to 1246.Va rpcbind_program . 1247.It Va keyserv_enable 1248.Pq Vt bool 1249If set to 1250.Dq Li YES , 1251run the 1252.Xr keyserv 8 1253daemon on boot for running Secure RPC. 1254.It Va keyserv_flags 1255.Pq Vt str 1256If 1257.Va keyserv_enable 1258is set to 1259.Dq Li YES , 1260these are the flags to pass to 1261.Xr keyserv 8 1262daemon. 1263.It Va pppoed_enable 1264.Pq Vt bool 1265If set to 1266.Dq Li YES , 1267run the 1268.Xr pppoed 8 1269daemon at boot time to provide PPP over Ethernet services. 1270.It Va pppoed_provider 1271.Pq Vt str 1272.Xr pppoed 8 1273listens to requests to this provider and ultimately runs 1274.Xr ppp 8 1275with a 1276.Ar system 1277argument of the same name. 1278.It Va pppoed_flags 1279.Pq Vt str 1280Additional flags to pass to 1281.Xr pppoed 8 . 1282.It Va pppoed_interface 1283.Pq Vt str 1284The network interface to run 1285.Xr pppoed 8 1286on. 1287This is mandatory when 1288.Va pppoed_enable 1289is set to 1290.Dq Li YES . 1291.It Va timed_enable 1292.Pq Vt bool 1293If set to 1294.Dq Li YES , 1295run the 1296.Xr timed 8 1297service at boot time. 1298This command is intended for networks of machines where a consistent 1299.Dq "network time" 1300for all hosts must be established. 1301This is often useful in large NFS environments where time stamps on 1302files are expected to be consistent network-wide. 1303.It Va timed_flags 1304.Pq Vt str 1305If 1306.Va timed_enable 1307is set to 1308.Dq Li YES , 1309these are the flags to pass to the 1310.Xr timed 8 1311service. 1312.It Va dntpd_enable 1313.Pq Vt bool 1314If set to 1315.Dq Li YES , 1316run 1317.Xr dntpd 8 1318at system boot time. 1319.It Va dntpd_program 1320.Pq Vt str 1321Path to 1322.Xr dntpd 8 1323(default 1324.Pa /usr/sbin/dntpd ) . 1325.It Va dntpd_flags 1326.Pq Vt str 1327If 1328.Va dntpd_enable 1329is set to 1330.Dq Li YES , 1331these are the flags to pass to the 1332.Xr dntpd 8 1333daemon. 1334.It Va btconfig_enable 1335.Pq Vt bool 1336If set to 1337.Dq Li YES , 1338configure Bluetooth devices via 1339.Xr btconfig 8 1340at system boot time. 1341.It Va btconfig_devices 1342.Pq Vt str 1343If 1344.Va btconfig_enable 1345is set to 1346.Dq Li YES , 1347this is the list of Bluetooth devices to configure. 1348If 1349.Va btconfig_devices 1350is not specified, all devices known to the system will be configured. 1351A 1352.Va btconfig_ Ns Aq Ar device 1353variable can be set to specify parameters to be passed to 1354.Ar device . 1355.It Va btconfig_args 1356.Pq Vt str 1357If 1358.Va btconfig_enable 1359is set to 1360.Dq Li YES , 1361this is the list of configuration parameters to pass to all Bluetooth 1362devices. 1363.It Va sdpd_enable 1364.Pq Vt bool 1365If set to 1366.Dq Li YES , 1367run the Service Discovery Profile daemon 1368.Xr ( sdpd 8 ) 1369at system boot time. 1370.It Va sdpd_flags 1371.Pq Vt str 1372If 1373.Va sdpd_enable 1374is set to 1375.Dq Li YES , 1376these are the flags to pass to the 1377.Xr sdpd 8 1378daemon. 1379.It Va bthcid_enable 1380.Pq Vt bool 1381If set to 1382.Dq Li YES , 1383run the Bluetooth Link Key/PIN Code Manager daemon 1384.Xr ( bthcid 8 ) 1385at system boot time. 1386.It Va bthcid_flags 1387.Pq Vt str 1388If 1389.Va bthcid_enable 1390is set to 1391.Dq Li YES , 1392these are the flags to pass to the 1393.Xr bthcid 8 1394daemon. 1395.It Va nis_client_enable 1396.Pq Vt bool 1397If set to 1398.Dq Li YES , 1399run the 1400.Xr ypbind 8 1401service at system boot time. 1402.It Va nis_client_flags 1403.Pq Vt str 1404If 1405.Va nis_client_enable 1406is set to 1407.Dq Li YES , 1408these are the flags to pass to the 1409.Xr ypbind 8 1410service. 1411.It Va nis_ypset_enable 1412.Pq Vt bool 1413If set to 1414.Dq Li YES , 1415run the 1416.Xr ypset 8 1417daemon at system boot time. 1418.It Va nis_ypset_flags 1419.Pq Vt str 1420If 1421.Va nis_ypset_enable 1422is set to 1423.Dq Li YES , 1424these are the flags to pass to the 1425.Xr ypset 8 1426daemon. 1427.It Va nis_server_enable 1428.Pq Vt bool 1429If set to 1430.Dq Li YES , 1431run the 1432.Xr ypserv 8 1433daemon at system boot time. 1434.It Va nis_server_flags 1435.Pq Vt str 1436If 1437.Va nis_server_enable 1438is set to 1439.Dq Li YES , 1440these are the flags to pass to the 1441.Xr ypserv 8 1442daemon. 1443.It Va nis_ypxfrd_enable 1444.Pq Vt bool 1445If set to 1446.Dq Li YES , 1447run the 1448.Xr rpc.ypxfrd 8 1449daemon at system boot time. 1450.It Va nis_ypxfrd_flags 1451.Pq Vt str 1452If 1453.Va nis_ypxfrd_enable 1454is set to 1455.Dq Li YES , 1456these are the flags to pass to the 1457.Xr rpc.ypxfrd 8 1458daemon. 1459.It Va nis_yppasswdd_enable 1460.Pq Vt bool 1461If set to 1462.Dq Li YES , 1463run the 1464.Xr rpc.yppasswdd 8 1465daemon at system boot time. 1466.It Va nis_yppasswdd_flags 1467.Pq Vt str 1468If 1469.Va nis_yppasswdd_enable 1470is set to 1471.Dq Li YES , 1472these are the flags to pass to the 1473.Xr rpc.yppasswdd 8 1474daemon. 1475.It Va rpc_ypupdated_enable 1476.Pq Vt bool 1477If set to 1478.Dq Li YES , 1479run the 1480.Nm rpc.ypupdated 1481daemon at system boot time. 1482.It Va defaultrouter 1483.Pq Vt str 1484If not set to 1485.Dq Li NO , 1486create a default route to this host name or IP address 1487(use an IP address if this router is also required to get to the 1488name server!). 1489.It Va ipv6_defaultrouter 1490.Pq Vt str 1491The IPv6 equivalent of 1492.Va defaultrouter . 1493.It Va static_routes 1494.Pq Vt str 1495Set to the list of static routes that are to be added at system boot time. 1496If not set to 1497.Dq Li NO 1498then for each whitespace separated 1499.Ar element 1500in the value, a 1501.Va route_ Ns Aq Ar element 1502variable is assumed to exist whose contents will later be passed to a 1503.Dq Nm route Cm add 1504operation. 1505.It Va change_routes 1506.Pq Vt str 1507Set to the list of static routes that are to be changed at system boot time 1508(such as those added by the kernel). 1509If not set to 1510.Dq Li NO 1511then for each whitespace separated 1512.Ar element 1513in the value, a 1514.Va change_route_ Ns Aq Ar element 1515variable is assumed to exist whose contents will later be passed to a 1516.Dq Nm route Cm change 1517operation. 1518.It Va ipv6_static_routes 1519.Pq Vt str 1520The IPv6 equivalent of 1521.Va static_routes . 1522If not set to 1523.Dq Li NO 1524then for each whitespace separated 1525.Ar element 1526in the value, a 1527.Va ipv6_route_ Ns Aq Ar element 1528variable is assumed to exist whose contents will later be passed to a 1529.Dq Nm route Cm add Fl inet6 1530operation. 1531.It Va gateway_enable 1532.Pq Vt bool 1533If set to 1534.Dq Li YES , 1535configure host to act as an IP router, e.g. to forward packets 1536between interfaces. 1537.It Va ipv6_gateway_enable 1538.Pq Vt bool 1539The IPv6 equivalent of 1540.Va gateway_enable . 1541.It Va router_enable 1542.Pq Vt bool 1543If set to 1544.Dq Li YES , 1545run a routing daemon of some sort, based on the settings of 1546.Va router_program 1547and 1548.Va router_flags . 1549.It Va ipv6_router_enable 1550.Pq Vt bool 1551The IPv6 equivalent of 1552.Va router_enable . 1553If set to 1554.Dq Li YES , 1555run a routing daemon of some sort, based on the settings of 1556.Va ipv6_router_program 1557and 1558.Va ipv6_router_flags . 1559.It Va router_program 1560.Pq Vt str 1561If 1562.Va router_enable 1563is set to 1564.Dq Li YES , 1565this is the name of the routing daemon to use 1566(default 1567.Pa /sbin/routed ) . 1568.It Va ipv6_router_program 1569.Pq Vt str 1570The IPv6 equivalent of 1571.Va router_program 1572(default 1573.Pa /sbin/route6d ) . 1574.It Va router_flags 1575.Pq Vt str 1576If 1577.Va router_enable 1578is set to 1579.Dq Li YES , 1580these are the flags to pass to the routing daemon. 1581.It Va ipv6_router_flags 1582.Pq Vt str 1583The IPv6 equivalent of 1584.Va router_flags . 1585.It Va mrouted_enable 1586.Pq Vt bool 1587If set to 1588.Dq Li YES , 1589run the multicast routing daemon, 1590.Xr mrouted 8 . 1591.It Va mroute6d_enable 1592.Pq Vt bool 1593The IPv6 equivalent of 1594.Va mrouted_enable . 1595If set to 1596.Dq Li YES , 1597run the IPv6 multicast routing daemon. 1598Note that no IPv6 multicast routing daemon is included in the 1599.Dx 1600base system but 1601.Xr pim6dd 8 1602can be installed from the 1603.Xr pkgsrc 7 1604collection. 1605.It Va mrouted_flags 1606.Pq Vt str 1607If 1608.Va mrouted_enable 1609is set to 1610.Dq Li YES , 1611these are the flags to pass to the 1612.Xr mrouted 8 1613daemon. 1614.It Va mroute6d_flags 1615.Pq Vt str 1616The IPv6 equivalent of 1617.Va mrouted_flags . 1618If 1619.Va mroute6d_enable 1620is set to 1621.Dq Li YES , 1622these are the flags passed to the IPv6 multicast routing daemon. 1623.It Va mroute6d_program 1624.Pq Vt str 1625If 1626.Va mroute6d_enable 1627is set to 1628.Dq Li YES , 1629this is the path to the IPv6 multicast routing daemon. 1630.It Va rtadvd_enable 1631.Pq Vt bool 1632If set to 1633.Dq Li YES , 1634run the 1635.Xr rtadvd 8 1636daemon at boot time. 1637.Xr rtadvd 8 1638will only run if 1639.Va ipv6_gateway_enable 1640is also set to 1641.Dq Li YES . 1642The 1643.Xr rtadvd 8 1644utility sends router advertisement packets to the interfaces specified in 1645.Va rtadvd_interfaces . 1646.Xr rtadvd 8 1647and should only be enabled with great care. 1648You may want to fine-tune 1649.Xr rtadvd.conf 5 . 1650.It Va rtadvd_interfaces 1651.Pq Vt str 1652If 1653.Va rtadvd_enable 1654is set to 1655.Dq Li YES 1656this is the list of interfaces to use. 1657.It Va rtsold_enable 1658.Pq Vt bool 1659If set to 1660.Dq Li YES , 1661run the 1662.Xr rtsold 8 1663daemon at boot time. 1664The 1665.Xr rtsold 8 1666daemon is used for automatic discovery of non-link local addresses. 1667.It Va rtsold_flags 1668.Pq Vt str 1669If 1670.Va rtsold_enable 1671is set to 1672.Dq Li YES , 1673these are the flags to pass to the 1674.Xr rtsold 8 1675daemon. 1676.It Va arpproxy_all 1677.Pq Vt bool 1678If set to 1679.Dq Li YES , 1680enable global proxy ARP. 1681.It Va forward_sourceroute 1682.Pq Vt bool 1683If set to 1684.Dq Li YES 1685and 1686.Va gateway_enable 1687is also set to 1688.Dq Li YES , 1689source-routed packets are forwarded. 1690.It Va accept_sourceroute 1691.Pq Vt bool 1692If set to 1693.Dq Li YES , 1694the system will accept source-routed packets directed at it. 1695.It Va rarpd_enable 1696.Pq Vt bool 1697If set to 1698.Dq Li YES , 1699run the 1700.Xr rarpd 8 1701daemon at system boot time. 1702.It Va rarpd_flags 1703.Pq Vt str 1704If 1705.Va rarpd_enable 1706is set to 1707.Dq Li YES , 1708these are the flags to pass to the 1709.Xr rarpd 8 1710daemon. 1711.It Va bootparamd_enable 1712.Pq Vt bool 1713If set to 1714.Dq Li YES , 1715run the 1716.Xr bootparamd 8 1717daemon at system boot time. 1718.It Va bootparamd_flags 1719.Pq Vt str 1720If 1721.Va bootparamd_enable 1722is set to 1723.Dq Li YES , 1724these are the flags to pass to the 1725.Xr bootparamd 8 1726daemon. 1727.It Va stf_interface_ipv4addr 1728.Pq Vt str 1729If not set to 1730.Dq Li NO , 1731this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1732Specify this entry to enable the 6to4 interface. 1733.It Va stf_interface_ipv4plen 1734.Pq Vt int 1735Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1736An effective value is 0-31. 1737.It Va stf_interface_ipv6_ifid 1738.Pq Vt str 1739IPv6 interface ID for 1740.Xr stf 4 . 1741This can be set to 1742.Dq Li AUTO . 1743.It Va stf_interface_ipv6_slaid 1744.Pq Vt str 1745IPv6 Site Level Aggregator for 1746.Xr stf 4 . 1747.It Va ipv6_faith_prefix 1748.Pq Vt str 1749If not set to 1750.Dq Li NO , 1751this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1752You also need 1753.Xr faithd 8 1754setup. 1755.It Va ipv6_ipv4mapping 1756.Pq Vt bool 1757If set to 1758.Dq Li YES 1759this enables IPv4 mapped IPv6 address communication (like 1760.Li ::ffff:a.b.c.d ) . 1761.It Va keybell 1762.Pq Vt str 1763The keyboard bell sound. 1764Set to 1765.Dq Li normal , 1766.Dq Li visual , 1767.Dq Li off , 1768or 1769.Dq Li NO 1770if the default behavior is desired. 1771For details, refer to the 1772.Xr kbdcontrol 1 1773manpage. 1774.It Va keymap 1775.Pq Vt str 1776If set to 1777.Dq Li NO , 1778no keymap is installed, otherwise the value is used to install 1779the keymap file in 1780.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1781.It Va keyrate 1782.Pq Vt str 1783The keyboard repeat speed. 1784Set to 1785.Dq Li slow , 1786.Dq Li normal , 1787.Dq Li fast , 1788or 1789.Dq Li NO 1790if the default behavior is desired. 1791.It Va keychange 1792.Pq Vt str 1793If not set to 1794.Dq Li NO , 1795attempt to program the function keys with the value. 1796The value should be a single string of the form: 1797.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1798.It Va cursor 1799.Pq Vt str 1800Can be set to the value of 1801.Dq Li normal , 1802.Dq Li blink , 1803.Dq Li destructive , 1804or 1805.Dq Li NO 1806to set the cursor behavior explicitly or choose the default behavior. 1807.It Va scrnmap 1808.Pq Vt str 1809If set to 1810.Dq Li NO , 1811no screen map is installed, otherwise the value is used to install 1812the screen map file in 1813.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1814.It Va font8x16 1815.Pq Vt str 1816If set to 1817.Dq Li NO , 1818the default 8x16 font value is used for screen size requests, otherwise 1819the value in 1820.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1821is used. 1822.It Va font8x14 1823.Pq Vt str 1824If set to 1825.Dq Li NO , 1826the default 8x14 font value is used for screen size requests, otherwise 1827the value in 1828.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1829is used. 1830.It Va font8x8 1831.Pq Vt str 1832If set to 1833.Dq Li NO , 1834the default 8x8 font value is used for screen size requests, otherwise 1835the value in 1836.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1837is used. 1838.It Va blanktime 1839.Pq Vt int 1840If set to 1841.Dq Li NO , 1842the default screen blanking interval is used, otherwise it is set to 1843.Ar value 1844seconds. 1845.It Va saver 1846.Pq Vt str 1847If not set to 1848.Dq Li NO , 1849this is the actual screen saver to use 1850.Li ( blank , snake , daemon , 1851etc). 1852.It Va moused_nondefault_enable 1853.Pq Vt str 1854If set to 1855.Dq Li NO , 1856the mouse device specified on 1857the command line is not automatically treated as enabled by the 1858.Pa /etc/rc.d/moused 1859script. 1860Having this variable set to 1861.Dq Li YES 1862allows a 1863.Xr usb 4 1864mouse, 1865for example, 1866to be enabled as soon as it is plugged in. 1867.It Va moused_enable 1868.Pq Vt str 1869If set to 1870.Dq Li YES , 1871the 1872.Xr moused 8 1873daemon is started for doing cut/paste selection on the console. 1874.It Va moused_type 1875.Pq Vt str 1876This is the protocol type of the mouse connected to this host. 1877This variable must be set if 1878.Va moused_enable 1879is set to 1880.Dq Li YES . 1881The 1882.Xr moused 8 1883daemon 1884is able to detect the appropriate mouse type automatically in many cases. 1885Set this variable to 1886.Dq Li auto 1887to let the daemon detect it, or 1888select one from the following list if the automatic detection fails. 1889.Pp 1890If the mouse is attached to the PS/2 mouse port, choose 1891.Dq Li auto 1892or 1893.Dq Li ps/2 , 1894regardless of the brand and model of the mouse. 1895Likewise, if the mouse is attached to the bus mouse port, choose 1896.Dq Li auto 1897or 1898.Dq Li busmouse . 1899All other protocols are for serial mice and will not work with 1900the PS/2 and bus mice. 1901If this is a USB mouse, 1902.Dq Li auto 1903is the only protocol type which will work. 1904.Pp 1905.Bl -tag -width ".Li x10mouseremote" -compact 1906.It Li microsoft 1907Microsoft mouse (serial) 1908.It Li intellimouse 1909Microsoft IntelliMouse (serial) 1910.It Li mousesystems 1911Mouse systems Corp. mouse (serial) 1912.It Li mmseries 1913MM Series mouse (serial) 1914.It Li logitech 1915Logitech mouse (serial) 1916.It Li busmouse 1917A bus mouse 1918.It Li mouseman 1919Logitech MouseMan and TrackMan (serial) 1920.It Li glidepoint 1921ALPS GlidePoint (serial) 1922.It Li thinkingmouse 1923Kensington ThinkingMouse (serial) 1924.It Li ps/2 1925PS/2 mouse 1926.It Li mmhittab 1927MM HitTablet (serial) 1928.It Li x10mouseremote 1929X10 MouseRemote (serial) 1930.It Li versapad 1931Interlink VersaPad (serial) 1932.El 1933.Pp 1934Even if the mouse is not in the above list, it may be compatible 1935with one in the list. 1936Refer to the man page for 1937.Xr moused 8 1938for compatibility information. 1939.Pp 1940It should also be noted that while this is enabled, any 1941other client of the mouse (such as an X server) should access 1942the mouse through the virtual mouse device, 1943.Pa /dev/sysmouse , 1944and configure it as a 1945.Dq Li sysmouse 1946type mouse, since all 1947mouse data is converted to this single canonical format when using 1948.Xr moused 8 . 1949If the client program does not support the 1950.Dq Li sysmouse 1951type, specify the 1952.Dq Li mousesystems 1953type. 1954It is the second preferred type. 1955.It Va moused_port 1956.Pq Vt str 1957If 1958.Va moused_enable 1959is set to 1960.Dq Li YES , 1961this is the actual port the mouse is on. 1962It might be 1963.Pa /dev/cuaa0 1964for a COM1 serial mouse or 1965.Pa /dev/psm0 1966for a PS/2 mouse, for example. 1967.It Va moused_flags 1968.Pq Vt str 1969If 1970.Va moused_type 1971is set, these are the additional flags to pass to the 1972.Xr moused 8 1973daemon. 1974.It Va mousechar_start 1975.Pq Vt int 1976If set to 1977.Dq Li NO , 1978the default mouse cursor character range 1979.Li 0xd0 Ns - Ns Li 0xd3 1980is used, otherwise the range start is set to 1981.Ar value 1982character, see 1983.Xr vidcontrol 1 . 1984Use if the default range is occupied in the language code table. 1985.It Va vidhistory 1986.Pq Vt int 1987Set the size of the history (scrollback) buffer in lines. 1988.It Va allscreens_flags 1989.Pq Vt str 1990If set, 1991.Xr vidcontrol 1 1992is run with these options for each of the virtual terminals 1993.Pq Pa /dev/ttyv* . 1994For example, 1995.Dq Fl m Cm on 1996will enable the mouse pointer on all virtual terminals if 1997.Va moused_enable 1998is set to 1999.Dq Li YES . 2000.It Va allscreens_kbdflags 2001.Pq Vt str 2002If set, 2003.Xr kbdcontrol 1 2004is run with these options for each of the virtual terminals 2005.Pq Pa /dev/ttyv* . 2006For example, 2007.Dq Fl h Li 200 2008will set the 2009.Xr syscons 4 2010scrollback (history) buffer to 200 lines. 2011.It Va cron_enable 2012.Pq Vt bool 2013If set to 2014.Dq Li YES , 2015run the 2016.Xr cron 8 2017daemon at system boot time. 2018.It Va cron_program 2019.Pq Vt str 2020Path to 2021.Xr cron 8 2022(default 2023.Pa /usr/sbin/cron ) . 2024.It Va cron_flags 2025.Pq Vt str 2026If 2027.Va cron_enable 2028is set to 2029.Dq Li YES , 2030these are the flags to pass to 2031.Xr cron 8 . 2032.It Va lpd_program 2033.Pq Vt str 2034Path to 2035.Xr lpd 8 2036(default 2037.Pa /usr/sbin/lpd ) . 2038.It Va lpd_enable 2039.Pq Vt bool 2040If set to 2041.Dq Li YES , 2042run the 2043.Xr lpd 8 2044daemon at system boot time. 2045.It Va lpd_flags 2046.Pq Vt str 2047If 2048.Va lpd_enable 2049is set to 2050.Dq Li YES , 2051these are the flags to pass to the 2052.Xr lpd 8 2053daemon. 2054.It Va nscd_enable 2055.Pq Vt bool 2056If set to 2057.Dq Li YES , 2058run the 2059.Xr nscd 8 2060daemon at system boot time. 2061.It Va mixer_enable 2062.Pq Vt bool 2063If set to 2064.Dq Li YES , 2065preserve 2066.Xr mixer 8 2067settings across reboots. 2068.It Va mta_start_script 2069.Pq Vt str 2070The full path to the script to run to start 2071a mail transfer agent. 2072The default is 2073.Pa /etc/rc.sendmail . 2074The 2075.Va sendmail_* 2076variables which 2077.Pa /etc/rc.sendmail 2078uses are documented in the 2079.Xr rc.sendmail 8 2080man page. 2081.It Va fixbootfile 2082.Pq Vt bool 2083In a 2084.Sq HAMMER ROOT with UFS /boot 2085setup, the boot loader will not set up the 2086.Va kern.bootfile 2087sysctl correctly. 2088The system will attempt to fix this on its own. 2089Set this variable to 2090.Dq Li NO 2091to turn this behavior off. 2092.It Va dumpdev 2093.Pq Vt str 2094Indicates the device (usually a swap partition) to which a crash dump 2095should be written in the event of a system crash. 2096The value of this variable is passed as the argument to 2097.Xr dumpon 8 2098and 2099.Xr savecore 8 . 2100To disable crash dumps, set this variable to 2101.Dq Li NO . 2102.It Va dumpdir 2103.Pq Vt str 2104When the system reboots after a crash and a crash dump is found on the 2105device specified by the 2106.Va dumpdev 2107variable, 2108.Xr savecore 8 2109will save that crash dump and a copy of the kernel to the directory 2110specified by the 2111.Va dumpdir 2112variable. 2113The default value is 2114.Pa /var/crash . 2115Set to 2116.Dq Li NO 2117to not run 2118.Xr savecore 8 2119at boot time when 2120.Va dumpdir 2121is set. 2122.It Va savecore_flags 2123.Pq Vt str 2124If crash dumps are enabled, these are the flags to pass to the 2125.Xr savecore 8 2126utility. 2127.It Va crashinfo_enable 2128.Pq Vt bool 2129Set to 2130.Dq Li YES 2131to turn on automatic crash dump summary generation using the utility 2132specified by the 2133.Va crashinfo_program 2134variable. 2135.It Va crashinfo_program 2136.Pq Vt str 2137Program to run to generate a crash dump summary if the variable 2138.Va crashinfo_enable 2139is set to 2140.Dq Li YES . 2141The default value is 2142.Pa /usr/sbin/crashinfo . 2143.It Va enable_quotas 2144.Pq Vt bool 2145Set to 2146.Dq Li YES 2147to turn on user disk quotas on system startup via the 2148.Xr quotaon 8 2149command. 2150.It Va check_quotas 2151.Pq Vt bool 2152Set to 2153.Dq Li YES 2154to enable user disk quota checking via the 2155.Xr quotacheck 8 2156command. 2157.It Va accounting_enable 2158.Pq Vt bool 2159Set to 2160.Dq Li YES 2161to enable system accounting through the 2162.Xr accton 8 2163facility. 2164.It Va linux_enable 2165.Pq Vt bool 2166Set to 2167.Dq Li YES 2168to enable Linux/ELF binary emulation at system initial boot time. 2169.\" ----- cleanvar_enable setting-------------------------------- 2170.It Va cleanvar_enable 2171.Pq Vt bool 2172Set to 2173.Dq Li YES 2174to have 2175.Pa /var/run , 2176.Pa /var/spool/lock 2177and 2178.Pa /var/spool/uucp/.Temp/* 2179cleaned at startup. 2180.\" ----- clear_tmp_enable setting------------------------------- 2181.It Va clear_tmp_enable 2182.Pq Vt bool 2183Set to 2184.Dq Li YES 2185to have 2186.Pa /tmp 2187cleaned at startup. 2188.\" ----- ldconfig_paths setting -------------------------------- 2189.It Va ldconfig_paths 2190.Pq Vt str 2191Set to the list of shared library paths to use with 2192.Xr ldconfig 8 . 2193NOTE: 2194.Pa /usr/lib 2195will always be added first, so it need not appear in this list. 2196.It Va ldconfig_insecure 2197.Pq Vt bool 2198The 2199.Xr ldconfig 8 2200utility normally refuses to use directories 2201which are writable by anyone except root. 2202Set this variable to 2203.Dq Li YES 2204to disable that security check during system startup. 2205.It Va ldconfig_local_dirs 2206.Pq Vt str 2207Set to the list of local 2208.Xr ldconfig 8 2209directories. 2210The names of all files in the directories listed will be 2211passed as arguments to 2212.Xr ldconfig 8 . 2213.It Va kern_securelevel 2214.Pq Vt int 2215The kernel security level to set at startup. 2216The allowed range of 2217.Ar value 2218ranges from \-1 (the compile time default) to 3 (the most secure). 2219See 2220.Xr init 8 2221for the list of possible security levels and their effect on system operation. 2222.It Va start_vinum 2223.Pq Vt bool 2224Set to 2225.Dq Li YES 2226to start 2227.Xr vinum 8 2228at system boot time. 2229.It Va sshd_enable 2230.Pq Vt bool 2231Set to 2232.Dq Li YES 2233to start 2234.Xr sshd 8 2235at system boot time. 2236.It Va sshd_program 2237.Pq Vt str 2238Path to the SSH server program 2239(default 2240.Pa /usr/sbin/sshd ) . 2241.It Va sshd_flags 2242.Pq Vt str 2243If 2244.Va sshd_enable 2245is set to 2246.Dq Li YES , 2247these are the flags to pass to the 2248.Xr sshd 8 2249daemon. 2250.It Va ftpd_enable 2251.Pq Vt bool 2252Set to 2253.Dq Li YES 2254to start 2255.Xr ftpd 8 2256at system boot time. 2257.It Va ftpd_flags 2258.Pq Vt str 2259If 2260.Va ftpd_enable 2261is set to 2262.Dq Li YES , 2263these are the flags to pass to the 2264.Xr ftpd 8 2265daemon. 2266.It Va usbd_enable 2267.Pq Vt bool 2268If set to 2269.Dq Li YES , 2270run the 2271.Xr usbd 8 2272daemon at boot time. 2273.It Va usbd_flags 2274.Pq Vt str 2275If 2276.Va usbd_enable 2277is set to 2278.Dq Li YES , 2279these are the flags passed to 2280.Xr usbd 8 2281daemon. 2282.It Va watchdogd_enable 2283.Pq Vt bool 2284If set to 2285.Dq Li YES , 2286start the 2287.Xr watchdogd 8 2288daemon at boot time. 2289This requires that the kernel have been compiled with 2290.Cd "options WATCHDOG" . 2291.It Va jail_enable 2292.Pq Vt bool 2293If set to 2294.Dq Li NO , 2295any configured jails will not be started. 2296.It Va jail_list 2297.Pq Vt str 2298A space separated list of names for jails. 2299This is purely a configuration aid to help identify and 2300configure multiple jails. 2301The names specified in this list will be used to 2302identify settings common to an instance of a jail. 2303Assuming that the jail in question was named 2304.Li vjail , 2305you would have the following dependent variables: 2306.Bd -literal 2307jail_vjail_hostname="jail.example.com" 2308jail_vjail_ip="192.168.1.100" 2309jail_vjail_rootdir="/var/jails/vjail/root" 2310.Ed 2311.It Va jail_flags 2312.Pq Vt str 2313Unset by default. 2314When set, use as default value for 2315.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2316for every jail in 2317.Va jail_list . 2318.It Va jail_interface 2319.Pq Vt str 2320Unset by default. 2321When set, use as default value for 2322.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2323for every jail in 2324.Va jail_list . 2325.It Va jail_fstab 2326.Pq Vt str 2327Unset by default. 2328When set, use as default value for 2329.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2330for every jail in 2331.Va jail_list . 2332.It Va jail_mount_enable 2333.Pq Vt bool 2334Set to 2335.Dq Li NO 2336by default. 2337When set to 2338.Dq Li YES , 2339sets 2340.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2341to 2342.Dq Li YES 2343by default for every jail in 2344.Va jail_list . 2345.It Va jail_fdesc_enable 2346.Pq Vt bool 2347Set to 2348.Dq Li NO 2349by default. 2350When set to 2351.Dq Li YES , 2352sets 2353.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2354to 2355.Dq Li YES 2356by default for every jail in 2357.Va jail_list . 2358.It Va jail_procfs_enable 2359.Pq Vt bool 2360Set to 2361.Dq Li NO 2362by default. 2363When set to 2364.Dq Li YES , 2365sets 2366.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2367to 2368.Dq Li YES 2369by default for every jail in 2370.Va jail_list . 2371.It Va jail_devfs_enable 2372.Pq Vt bool 2373Set to 2374.Dq Li NO 2375by default. 2376When set to 2377.Dq Li YES , 2378sets 2379.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2380to 2381.Dq Li YES 2382by default for every jail in 2383.Va jail_list . 2384.It Va jail_exec_start 2385.Pq Vt str 2386Unset by default. 2387When set, use as default value for 2388.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2389for every jail in 2390.Va jail_list . 2391.It Va jail_exec_stop 2392Unset by default. 2393When set, use as default value for 2394.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2395for every jail in 2396.Va jail_list . 2397.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2398.Pq Vt str 2399Unset by default. 2400Set to the root directory used by jail 2401.Va jname . 2402.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2403.Pq Vt str 2404Unset by default. 2405Set to the fully qualified domain name (FQDN) assigned to jail 2406.Va jname . 2407.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2408.Pq Vt str 2409Unset by default. 2410Set to the IP address assigned to jail 2411.Va jname . 2412.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2413.Pq Vt str 2414Set to 2415.Dq Li -l -U root 2416by default. 2417These are flags to pass to 2418.Xr jail 8 . 2419.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2420.Pq Vt str 2421Unset by default. 2422When set, sets the interface to use when setting IP address alias. 2423Note that the alias is created at jail startup and removed at jail shutdown. 2424.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2425.Pq Vt str 2426Set to 2427.Pa /etc/fstab. Ns Aq Ar jname 2428by default. 2429This is the file system information file to use for jail 2430.Va jname . 2431.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2432.Pq Vt bool 2433Set to 2434.Dq Li NO 2435by default. 2436When set to 2437.Dq Li YES , 2438mount all file systems from 2439.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2440at jail startup. 2441.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2442.Pq Vt bool 2443Set to 2444.Dq Li NO 2445by default. 2446When set to 2447.Dq Li YES , 2448mount the file-descriptor file system inside jail 2449.Ar jname 2450at jail startup. 2451.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2452.Pq Vt bool 2453Set to 2454.Dq Li NO 2455by default. 2456When set to 2457.Dq Li YES , 2458mount the process file system inside jail 2459.Ar jname 2460at jail startup. 2461.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2462.Pq Vt bool 2463Set to 2464.Dq Li NO 2465by default. 2466When set to 2467.Dq Li YES , 2468mount the device file system inside jail 2469.Ar jname 2470at jail startup. 2471.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2472.Pq Vt str 2473Set to 2474.Dq Li /bin/sh /etc/rc 2475by default. 2476This is the command executed at jail startup. 2477.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2478.Pq Vt str 2479Set to 2480.Dq Li /bin/sh /etc/rc.shutdown 2481by default. 2482This is the command executed at jail shutdown. 2483.It Va jail_set_hostname_allow 2484.Pq Vt bool 2485If set to 2486.Dq Li NO , 2487do not allow the root user in a jail to set its hostname. 2488.It Va jail_socket_unixiproute_only 2489.Pq Vt bool 2490If set to 2491.Dq Li YES , 2492do not allow any sockets, 2493besides UNIX/IP/route sockets, 2494to be used within a jail. 2495.It Va jail_sysvipc_allow 2496.Pq Vt bool 2497If set to 2498.Dq Li YES , 2499allow applications within a jail to use System V IPC. 2500.It Va lvm_enable 2501.Pq Vt bool 2502If set to 2503.Dq Li YES 2504LVM volumes will be discovered and configured on boot. 2505.It Va newsyslog_enable 2506.Pq Vt bool 2507If set to 2508.Dq Li YES , 2509run 2510.Xr newsyslog 8 2511before syslogd starts. 2512.It Va newsyslog_flags 2513.Pq Vt str 2514If 2515.Va newsyslog_enable 2516is set to 2517.Dq Li YES , 2518these are the flags passed to 2519.Xr newsyslog 8 . 2520.It Va resident_enable 2521.Pq Vt bool 2522If set to 2523.Dq Li YES , 2524make the dynamic binaries listed in 2525.Pa /etc/resident.conf 2526resident. 2527.It Va varsym_enable 2528.Pq Vt bool 2529If set to 2530.Dq Li YES , 2531process 2532.Pa /etc/varsym.conf 2533to set system-wide variables for variant symlinks. 2534.It Va rand_irqs 2535.Pq Vt str 2536Set either to 2537.Dq Li NO 2538or a whitespace separated list of IRQ numbers which will be used as a source of 2539randomness. 2540.\" ----------------------------------------------------- 2541.It Va entropy_dir 2542.Pq Vt str 2543Set to 2544.Dq Li NO 2545to disable caching entropy via 2546.Xr cron 8 . 2547Otherwise set to the directory used to store entropy files in. 2548.It Va entropy_file 2549.Pq Vt str 2550Set to 2551.Dq Li NO 2552to disable caching entropy through reboots. 2553Otherwise set to the filename used to store cached entropy through reboots. 2554This file should be located on the root file system to seed the 2555.Xr random 4 2556device as early as possible in the boot process. 2557.It Va entropy_save_sz 2558.Pq Vt int 2559Determines the size of the entropy cache files used for entropy cached 2560through reboots and also entropy cached via 2561.Xr cron 8 . 2562The entropy is fed to the system in blocks of 512 bytes, so this number 2563should be large enough to fill as many of the entropy pools in the kernel 2564CSPRNG as possible. 2565By default, it is set to 16384, which should be able to seed all 32 entropy 2566pools in the Fortuna CSPRNG. 2567.It Va ipsec_enable 2568.Pq Vt bool 2569Set to 2570.Dq Li YES 2571to run 2572.Xr setkey 8 2573on 2574.Va ipsec_file 2575at boot time. 2576.It Va ipsec_file 2577.Pq Vt str 2578Configuration file for 2579.Xr setkey 8 . 2580.It Va dmesg_enable 2581.Pq Vt bool 2582Set to 2583.Dq Li YES 2584to save 2585.Xr dmesg 8 2586to 2587.Pa /var/run/dmesg.boot 2588on boot. 2589.It Va rcshutdown_timeout 2590.Pq Vt int 2591If set, start a watchdog timer in the background which will terminate 2592.Pa rc.shutdown 2593if 2594.Xr shutdown 8 2595has not completed within the specified time (in seconds). 2596Notice that in addition to this soft timeout, 2597.Xr init 8 2598also applies a hard timeout for the execution of 2599.Pa rc.shutdown . 2600This is configured via 2601.Xr sysctl 8 2602variable 2603.Va kern.init_shutdown_timeout 2604and defaults to 120 seconds. Setting the value of 2605.Va rcshutdown_timeout 2606to more than 120 seconds will have no effect until the 2607.Xr sysctl 8 2608variable 2609.Va kern.init_shutdown_timeout 2610is also increased. 2611.It Va udevd_enable 2612.Pq Vt bool 2613If set to 2614.Dq Li YES , 2615the udevd daemon will be started on boot. 2616.It Va vfs_quota_enable 2617.Pq Vt bool 2618If set to 2619.Dq Li YES , 2620vfs quota rc.d scripts will be run on boot. 2621.It Va vfs_quota_sync 2622.Pq Vt str 2623List of mount points whose counters are to be synchronized with on-disk 2624usage during system startup. See also 2625.Xr vquota 8 . 2626.It Va vknetd_enable 2627.Pq Vt bool 2628If set to 2629.Dq Li YES , 2630.Xr vknetd 8 2631will be started on boot. 2632.It Va vknetd_flags 2633.Pq Vt bool 2634Additional flags passed to 2635.Xr vknetd 8 . 2636Usually address/cidrbits is specified here. 2637When no flags are passed, default option 2638.Fl U 2639will be used. 2640.It Va vkernel_enable 2641.Pq Vt bool 2642If set to 2643.Dq Li NO , 2644any configured vkernels will not be started. 2645.It Va vkernel_kill_timeout 2646.Pq Vt int 2647This defines the default number of seconds that we will wait for the 2648vkernel to shut down on it's own. If after this time it's still alive, 2649it will be killed with SIGKILL. 2650.It Va vkernel_bin 2651.Pq Vt str 2652Defines the default path to the vkernel binary. 2653.It Va vkernel_list 2654.Pq Vt str 2655A space separated list of names for vkernels. 2656This is purely a configuration aid to help identify and 2657configure multiple vkernels. 2658The names specified in this list will be used to 2659identify settings common to a vkernel instance. 2660Assuming that the vkernel in question was named 2661.Li example , 2662you would have the following dependent variables 2663(filled with reference values in this text): 2664.Bd -literal 2665vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug" 2666vkernel_example_memsize="64m" 2667vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2668vkernel_example_iface_list="auto:bridge0" 2669vkernel_example_logfile="/dev/null" 2670vkernel_example_flags="-U" 2671vkernel_example_kill_timeout="45" 2672.Ed 2673.Pp 2674The last five are optional. 2675They default to an empty string if not set, except for logfile which defaults to 2676.Pa /dev/null 2677if it is not set. 2678.El 2679.Sh FILES 2680.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2681.It Pa /etc/defaults/rc.conf 2682.It Pa /etc/rc.conf 2683.It Pa /etc/rc.conf.local 2684.It Pa /etc/start_if. Ns Aq Ar interface 2685.El 2686.Sh SEE ALSO 2687.Xr catman 1 , 2688.Xr gdb 1 , 2689.Xr info 1 , 2690.Xr kbdcontrol 1 , 2691.Xr varsym 1 , 2692.Xr vidcontrol 1 , 2693.Xr ip 4 , 2694.Xr ipfw 4 , 2695.Xr kld 4 , 2696.Xr pf 4 , 2697.Xr tcp 4 , 2698.Xr udp 4 , 2699.Xr vlan 4 , 2700.Xr exports 5 , 2701.Xr motd 5 , 2702.Xr resident.conf 5 , 2703.Xr varsym.conf 5 , 2704.Xr accton 8 , 2705.Xr amd 8 , 2706.Xr apm 8 , 2707.Xr btconfig 8 , 2708.Xr bthcid 8 , 2709.Xr cron 8 , 2710.Xr devd 8 , 2711.Xr dhclient 8 , 2712.Xr dntpd 8 , 2713.Xr ftpd 8 , 2714.Xr ifconfig 8 , 2715.Xr inetd 8 , 2716.Xr jail 8 , 2717.Xr lpd 8 , 2718.Xr makewhatis 8 , 2719.Xr mixer 8 , 2720.Xr mountd 8 , 2721.Xr moused 8 , 2722.Xr mrouted 8 , 2723.Xr named 8 , 2724.Xr nfsd 8 , 2725.Xr pcnfsd 8 , 2726.Xr pfctl 8 , 2727.Xr pflogd 8 , 2728.Xr quotacheck 8 , 2729.Xr quotaon 8 , 2730.Xr rc 8 , 2731.Xr rc.sendmail 8 , 2732.Xr resident 8 , 2733.Xr rndcontrol 8 , 2734.Xr route 8 , 2735.Xr routed 8 , 2736.Xr rpcbind 8 , 2737.Xr rpc.lockd 8 , 2738.Xr rpc.statd 8 , 2739.Xr rtadvd 8 , 2740.Xr rtsold 8 , 2741.Xr rwhod 8 , 2742.Xr savecore 8 , 2743.Xr sdpd 8 , 2744.Xr sensorsd 8 , 2745.Xr sshd 8 , 2746.Xr swapon 8 , 2747.Xr sysctl 8 , 2748.Xr syslogd 8 , 2749.Xr sysvipcd 8 , 2750.Xr timed 8 , 2751.Xr usbd 8 , 2752.Xr vinum 8 , 2753.Xr yp 8 , 2754.Xr ypbind 8 , 2755.Xr ypserv 8 , 2756.Xr ypset 8 2757.Sh HISTORY 2758The 2759.Nm 2760file appeared in 2761.Fx 2.2.2 . 2762.Sh AUTHORS 2763.An Jordan K. Hubbard . 2764